security

Bookmarks for 18 nov 2013 through 4 dic 2013

These are my links for 18 nov 2013 through 4 dic 2013:

  • Ratuus – RATUUS is an easy to use, web based system for administration of POSTFIX virtual domains and users. Sounds good, but what does it really mean? Postfix mail server is able to work with non-system users, users which are not known to the operating system. This functionality is very useful since it gives you possibility to use one mail server for multiple domains without worrying that usernames will overlap. Like this you can have address [email protected] and also [email protected] and they can all point to different mailboxes. These kind of users are usually stored in some kind of a database, with MySQL database being most commonly used. And this is where RATUUS comes into play – it provides user friendly interface for managing these virtual users and domains. With RATUUS you can easily create, modify and delete domains, users and aliases and all your actions are immediately reflected to Postfix configuration. RATUUS is using the same database layout as famous PostfixAdmin so migration
  • Home · opensolutions/ViMbAdmin Wiki · GitHub – ViMbAdmin (pronounced vim-be-admin and meaning Virtual Mailbox Administration) is intended as an alternative to (and a near slot in replacement) for the popular but dated Postfix Admin application. It has been developed by Open Solutions, a company based in Dublin, Ireland specialising in PHP web application development, Linux and UNIX system administration and ISP grade networking and we are releasing it under a GPL V3 license. It is written in PHP using the Zend Framework, Doctrine ORM and Smarty with JQuery on the frontend.
  • linux.bonasia.info – […] Non sono un maestro di arti marziali, tanto meno di GNU/Linux, questo sito è una raccolta (forse disordinata e non tanto aggiornata oramai…) dedicata ai sistemisti che ho formato e supportato affiancandoli giorno dopo giorno […]
  • Beleth – Security101 – Blackhat Techniques – Hacking Tutorials – Vulnerability Research – Security Tools – Beleth is a multi-threaded asynchronous SSH password auditing tool written in C. There are plenty of other password cracking programs out there that can do the job, but I wanted something small, fast, and custom as a proof of concept. After preliminary tests, Beleth was able to outperform both THC-Hydra and Ncrack. Beleth also allows you to run a remote command after successfully cracking a password. [ via https://delicious.com/farmando ]

Bookmarks for 2 ott 2013 through 22 ott 2013

These are my links for 2 ott 2013 through 22 ott 2013:

  • Digital Attack Map – Digital Attack Map is a live data visualization of DDoS attacks around the globe, built through a collaboration between Google Ideas and Arbor Networks. The tool surfaces anonymous attack traffic data to let users explore historic trends and find reports of outages happening on a given day. [ via https://delicious.com/farmando ]
  • uProxy – What is uProxy? uProxy is a browser extension that lets users share alternative more secure routes to the Internet. It's like a personalised VPN service that you set up for yourself and your friends. uProxy helps users protect each other from third parties who may try to watch, block, or redirect users’ Internet connections. [ via https://delicious.com/farmando ]
  • Clustering with JBoss mod_cluster – jboss cluster – JBoss application server tutorials – Mod cluster is an http based load balancer which greatly simplify the setup of an http cluster. It ships as a set of modules which need to be installed on the httpd server and a Service Archive Library (.sar) which needs to be deployed on JBoss AS (It is built-in in JBoss AS 6/7).   Compared with the former mod_jk, the new mod_cluster has the great advantage to accept a dynamic configuration of httpd workers. This can be done through an advertise mechanism where all httpd workers communicate lifecycle events (like startup or shutdown) thus leveraging dynamic configuration of nodes.
  • How to configure mod_cluster with JBoss ? « JBoss – Like mod_jk, mod_cluster is also a httpd based load balancer which uses a communication channel to forward requests from the httpd to one of a set of application server nodes. So the question comes Why mod_cluster ? To answer this question we will let you know few advantages of mod_cluster over mod_jk and other httpd-based load balancers.

Bookmarks for 19 set 2013 through 25 set 2013

These are my links for 19 set 2013 through 25 set 2013:

  • AIXchange: Restricting FTP Access (AIX) – A customer was trying to restrict user access to a particular directory on an AIX system when FTP was used. We came across two good options.
  • FBI Tor Malware Analysis – […] In April 2013, a piece of malware was found embedded in Freedom Hosting's darknet server that would exploit a security hole in a particular web browser and execute code on the user's computer. This code gathered some information about the user and sent it to a server in Virginia and then crashed – it had no obvious malicious intent that is so characteristic of malware. It was therefore theorised that the FBI, who have offices in Virginia, and who have 'form' for writing malware, may have authored it – this now appears to be true. […]
  • Samba4 and OpenChange on a Debian or Ubuntu server – Samba4/Openchange suite promises to provide a complete Active Directory© domain controller with an alternative to a Microsoft Exchange server. Gracefully to the rewrite of MAPI protocol, Outlook can now seamlessly connect to a Linux server for synchronizing and sharing calendars, contacts, tasks and mails.

Bookmarks for 20 ago 2013 through 7 set 2013

These are my links for 20 ago 2013 through 7 set 2013:

  • Gmvault: gmail backup – Gmvault is a tool for backing up your gmail account and never lose email correspondence. Gmvault is open source and under GNU-AGPL-3.0. [ via http://www.lffl.org/2013/09/gmvault-effettuare-il-backup-e.html ]
  • SSL Checker – SSL Certificate Verify – SSL Checker This SSL Checker will help you diagnose problems with your SSL certificate installation. You can verify the SSL certificate on your web server to make sure it  is correctly installed, valid, trusted and doesn't give any errors to any of your users. To use the SSL Checker, simply enter your server's hostname (must be public) in the box below and click the Check SSL button. If you need an SSL certificate, check out the SSL Wizard.
  • A Gentoo Linux Advanced Reference Architecture – The book "A Gentoo Linux Advanced Reference Architecture" is meant as a resource displaying the powerful features of many free software solutions that are supported on top of Gentoo Linux. It is a deep-dive approach in many aspects related to processes, supportability, maintainability based on Gentoo Linux system deployments. Unlike the existing, per-application documents that exist on the Internet (and which are a valuable resource to get into the gory details of many applications) and the per-distribution guides that provide information on using that particular distribution, this book will focus more on architecturing IT infrastructure for medium-sized enterprises. Smaller enterprises might find the reference architecture here too expensive or large – however, many services described in the book can be slimmed down into a smaller deployment as well.

Bookmarks for 24 lug 2013 through 2 ago 2013

These are my links for 24 lug 2013 through 2 ago 2013:

  • wg/wrk · GitHub – wrk is a modern HTTP benchmarking tool capable of generating significant load when run on a single multi-core CPU. It combines a multithreaded design with scalable event notification systems such as epoll and kqueue. [ via http://onethingwell.org/post/56882294128/wrk ]
  • Automate and manage systems installation with Cobbler – Cobbler simplifies system provisioning by centralizing the tasks that are involved in setting up and administering an installation server. This article discusses some of Cobbler's features, how to install it, and how to create a configuration suitable for automatically installing multiple client machines.
  • Cobbler – Linux install and update server – Cobbler is a Linux installation server that allows for rapid setup of network installation environments. It glues together and automates many associated Linux tasks so you do not have to hop between many various commands and applications when deploying new systems, and, in some cases, changing existing ones. Cobbler can help with provisioning, managing DNS and DHCP, package updates, power management, configuration management orchestration, and much more. (And you can integrate with chef or puppet)
  • Redhat I/O Scheduler Configuration in a Virtual Machine. – FATMIN – […] However, because of the fact that ESX is its own built in elevator, the Linux kernel's elevator is not needed, and in fact can hurt disk performance. So its best to disable the elevator inside your linux VMs […] Da controllare comunque dovrebbe andare anche su altre distro
  • RDP with NLA from Linux – Is there a way to connect to a Windows 2008 Remote Desktop Services with NLA from Linux?   Yes! FreeRDP is a fork of Rdesktop. Rdesktop seems to have stopped developement, so a fork is very welcome. NLA is still not in the main release, but it isn't hard to check out a copy from GIT and compile the latest source yourself.

Bookmarks for 15 lug 2013 through 17 lug 2013

These are my links for 15 lug 2013 through 17 lug 2013:

  • Regex Crossword – Welcome to the fantastic world of nerdy regex fun! Start playing by selecting one of the puzzle challenges below. There are a wide range of difficulties from beginner to expert. [ via http://braindead.tumblr.com/post/55677544093 ]
  • Generating an SSH key and setting up SSH-agent – Low End Box – A couple of weeks ago I started with the first tutorial in a series of security-related ones. This is the second tutorial in this series. Last time I spoke about SSH and sudo. As Raymii pointed out in the comments, I never mentioned how to actually generate your own SSH key. In this tutorial, I would like to show you how to do that.
  • Search in a Giphy – Giphy – Search Animated Gifs on the Web

Bookmarks for 9 lug 2013 through 11 lug 2013

These are my links for 9 lug 2013 through 11 lug 2013:

  • AppArmor – Ubuntu Wiki – AppArmor is a Mandatory Access Control (MAC) system which is a kernel (LSM) enhancement to confine programs to a limited set of resources. AppArmor's security model is to bind access control attributes to programs rather than to users. AppArmor confinement is provided via profiles loaded into the kernel, typically on boot. AppArmor profiles can be in one of two modes: enforcement and complain. Profiles loaded in enforcement mode will result in enforcement of the policy defined in the profile as well as reporting policy violation attempts (either via syslog or auditd). Profiles in complain mode will not enforce policy but instead report policy violation attempts.
  • AppArmor – Documentation
  • SmoothSec – Smooth-Sec is a fully-ready IDS/IPS (Intrusion Detection/Prevention System) Linux distribution based on Debian 7 (wheezy), available for 32 and 64 bit architecture. The distribution includes the latest version of Snorby, Snort, Suricata, PulledPork and Pigsty. An easy setup process allows to deploy a complete IDS/IPS System within minutes, even for security beginners with minimal Linux experience. [ via https://delicious.com/farmando ]
  • Ninite – Install or Update Multiple Apps at Once – Install and Update All Your Programs at Once

Bookmarks for 5 lug 2013 from 10:30 to 10:51

These are my links for 5 lug 2013 from 10:30 to 10:51:

  • Learn X in Y Minutes: Scenic Programming Language Tours – Imparare un linguaggio di programmazione in pochi minuti analizzando pezzetti di codice [ via http://pollycoke.org/aemme/socialbox/76340 ]
  • kaniini/tpe-lkm · GitHub – Trusted Path Execution is a security feature that denies users from executing programs that are not owned by root, or are writable. This closes the door on a whole category of exploits where a malicious user tries to execute his or her own code to attack the system. Since this module doesn't use any kind of ACLs, it works out of the box with no configuration. It isn't complicated to test or deploy to current production systems. Just install it and you're done! [ via http://braindead.tumblr.com/post/54604427204 ]
  • Rizzoma is a zoomable and free collaboration service. – Realtime collaboration service for group work. Any-place foldable comments, representing documents as a mindmap, flexible and clear structure.

Bookmarks for 14 giu 2013 through 18 giu 2013

These are my links for 14 giu 2013 through 18 giu 2013:

  • apache2-mpm-itk – apache2-mpm-itk (just mpm-itk for short) is an MPM (Multi-Processing Module) for the Apache web server. mpm-itk allows you to run each of your vhost under a separate uid and gid—in short, the scripts and configuration files for one vhost no longer have to be readable for all the other vhosts. mpm-itk is based on the traditional prefork MPM, which means it's non-threaded; in short, this means you can run non-thread-aware code (like many PHP extensions) without problems. On the other hand, you lose out to any performance benefit you'd get with threads, of course; you'd have to decide for yourself if that's worth it or not. You will also take an additional performance hit over prefork, since there's an extra fork per request. [ via http://bastian.rieck.ru/blog/posts/2012/secure_owncloud_installation/ ]
  • iTerm2 – Mac OS Terminal Replacement – iTerm2 is a replacement for Terminal and the successor to iTerm. It works on Macs with OS 10.5 (Leopard) or newer. Its focus is on performance, internationalization, and supporting innovative features that make your life better.
  • Introducing Pysa – Reverse your servers’ configurations! | MadeiraCloud – We are excited to announce the Alpha release of our new open-source configuration reverse engineering tool: Pysa Pysa aims to help anyone who wants to replicate an existing configuration and not simply clone the entire machine. It can be use to migrate configurations from one computer to another (as physical machines to virtual clouds), backup existing configurations, or for any other migration purpose.